2.1 KiB
2.1 KiB
<html lang="en">
<head>
<style>
body {
font-family: system-ui, sans-serif;
text-align: center;
padding: 40px 20px;
background-color: #f8f9fa;
}
h2 {
font-size: 24px;
margin-bottom: 12px;
}
</style>
</head>
Baron SSO Provider
아래 버튼을 클릭하면 로그인이 완료됩니다.
Confirm Login <script> document.getElementById('confirm-login-btn').addEventListener('click', () => { // --- This script now creates a dummy JWT with a dynamic issuer --- const header = { alg: "RS256", // Using RS256 as it's common for SSO typ: "JWT", kid: "simulated-key-id" // Key ID for JWKS lookup }; const payload = { iss: "https://sso.baron.com", // Simulated issuer sub: `baron-user-${Math.random().toString(36).substring(2, 10)}`, name: "Simulated User", iat: Math.floor(Date.now() / 1000), exp: Math.floor(Date.now() / 1000) + (60 * 60) // Expires in 1 hour }; // In a real scenario, this token would be signed by the SSO provider's private key. // We are sending an unsigned token for structure demonstration. The verification // on the server side will fail if it tries to verify the signature, // but the demo setup is focused on decoding and key fetching. const dummyToken = btoa(JSON.stringify(header)) + '.' + btoa(JSON.stringify(payload)) + '.dummies_signature'; window.opener.postMessage({ type: 'LOGIN_SUCCESS', token: dummyToken }, '*'); // Close the popup after sending the message window.close(); }); </script> </html>